Ubuntu bakes Amazon search results into OS to raise cash

The new version of Ubuntu Linux slated for release in October introduces a feature that some users claim is at worst a violation of privacy or, at best, generally annoying. Ubuntu 12.10 introduces search results from Amazon into the Dash. That means you could be searching for a file or application on your computer and get shopping results under a "more suggestions" section after your general results.

Canonical Founder Mark Shuttleworth took to his blog yesterday to defend the move, saying the "Home Lens of the Dash should let you find *anything* anywhere." Adding Amazon results is just the first step in expanding the scope of Dash searches from the user's computer to the entire Web, a sensible place to start as Amazon affiliate links will help Canonical fund the development of Ubuntu. "We picked Amazon as a first place to start because most of our users are also regular users of Amazon, and it pays us to make your Amazon journey get off to a faster start," Shuttleworth wrote.

In response to accusations of privacy violations, Shuttleworth wrote, "We are not telling Amazon what you are searching for. Your anonymity is preserved because we handle the query on your behalf. Don’t trust us? Erm, we have root. You do trust us with your data already." The "we have root" statement raised some more hackles in the comments section of Shuttleworth's blog. Explaining what he meant, Shuttleworth said, "Every package update installs as root."

Shuttleworth also noted that users can use hotkeys to limit search results to local results, such as just applications, or remove the new functionality entirely. The terminal command to do so is "apt-get remove unity-lens-shopping."

In practice, it's not quite as intrusive as, say, the "special offers" on Amazon's Kindle Fire. But user complaints have increased over the past few days as people test out the prerelease version of 12.10. One user filed a bug report suggesting that Amazon make shopping results a separate, opt-in portion of the Dash. Not everyone hates it—a commenter on Shuttleworth's blog wrote, "I only wish I’d known about this before spending £400 odd quid on Amazon last week, I would have affiliated it to Ubuntu."

OMGUbuntu has more on how the Amazon shopping lens works in practice, including screenshots. In addition to the shopping results, the launcher bar in Ubuntu 12.10 comes preinstalled with an Amazon Web app link, the site also reports. But getting rid of it is as easy as dragging the icon to the trash.

Promoted Comments

As a fundraiser it's a pretty good idea - I have some amazon affiliate links on the site for an app I wrote, and I'm amazed at how broadly amazon defines "purchased via your link and thus eligible for the affiliate program". The stuff I link to are phones, phone holders, gps units, obd2 readers, etc, but I often end up getting my affiliate kickbacks for completely unrelated crap like music, empty jam jars, and other stuff that the viewer eventually bought after clicking my link.

As a way to build user trust and your brand, probably a pretty terrible idea. Before, a user knew: "Canonical has root and generally makes a good product". Now they know "Canonical has root and has a low enough opinion of my privacy and user experience that they are willing to install crapware-like features to support ubuntu".

Just registered to say this: think about Microsoft sending what you type in the search bar to someone, even themselves. Or Apple. Can you imagine the outrage? If Ubuntu aims to replace any of those, it has to be measured with the same stick.

What this raises for me is the question if replacing MS or Apple is any longer a goal for Canonical.

This may generate some income for Ubuntu, but is really a bad idea. Or is this the beginning of a "freemium" model where you pay to remove the ads and increase your privacy?

Is it annoying? Certainly. Should it be opt-out? Probably. Does it mean Canonical is a company with income needs? Definitely. Is it going to be the end of the world? Doubtful.

Using "apt-get remove" or using Synaptics is something any competent Ubuntu user should be able to. Just like how any competent Windows user can use Add/Remove Programs.

Ubuntu has every right to include this. I also retain the right to use a distro which I feel is more responsive to the community, perhaps Debian, Mint, or Fedora. The fact other distros can exist, based off Ubuntu, but changed to suit a particular interest, is why I'm not raging.

I actually have no intention of removing this, probably just relegate it to its own lens.

We buy regularly from/through Amazon. If I got Ubuntu, I would be happy with an Amazon button that gave Canonical an affiliate slice. Great idea. They could even hack the browser to change amazon.com to their affiliate version. But tacking Amazon ads on to a file search seems crazy.

As usual, a good idea is executed badly. It should be opt-in... But make it clear annd easy to opt-out and in at will. Make a plea to your fan base to support Ubuntu by using their nifty Amazon plug ins. Give straightforward and BRIEF explainations on how privacy is maintained and even enhanced by using the features.

Linux users are a loyal bunch. Given choice, they'll usually go the distance in support of their preferred distro!

Since most user of Ubuntu are computer geeks, there will be hack soon to complete remove this search result.

I suspect the first thing for Ubuntu user after install the new OS is to remove this feature, Nothing to worry here.

Quote:

apt-get remove unity-lens-shopping

RTFA

Read my last sentence. also. I like to call it a hack for anything require root access. How I use the word is my choice.

You should probably go read about what hacking really means, then.

here: hacking Did not explicitly imply to computer hacking with advanced technique and skill.

Quote:

explicitly imply

ಠ_ಠ

In this context, the only context that makes any sense for this subject, "hacking" does not cover using a piece of software in a way its developer(s) intended to do something completely ordinary.

Nonsense, my computer-illiterate grandmother hacks her Windows computer on a daily basis when she instinctively clicks the "Yes" button to UAC prompts for semi-automatic software updates and such! She's a hacker I tell you!

Edit: That said, there really should be a prompt at least indicating whether the user would like to enable automatic web-searches or not be it during installation or initial boot up. I frequently use Amazon and thus would be happy to use such a lens (be it for my convenience or Canonical's commission/funding) but I should first be made aware of such privacy-damaging features and how to disable them.

Personally I'd like to see an option closer to how Chrome/Chromium handles this. That is, via a keyword prefix to specify the individual website or websites collectively that are searched.

So, if I use xfce this has no impact on me right? Seriously, just don't use their desktop guys. Install a different one, you'll be happier for a variety of reasons.

I'm actually less concerned about the privacy here (like he said, your OS already knows creepy things about you, and they could know more). I'm more concerned about the bad UI this represents. No one wants search everything everywhere. When they open up desktop search they know what they're looking for is on their computer (or maybe their LAN, maybe). That's where you should search. Adding in Internet results (commercial or not) is ignoring information that they've given you.

And I'm also concerned with the commercialization: By which I mean the advertising. I don't care if Ubuntu makes money. I care if it has ads on it.

I'd be totally happy with this if I could send them $4.99 a year and they completely opted me out of it. I'd actually kind of like to pay for Linux, the trouble is Ubuntu is one of the few I've seen that's been worth paying for (until they ruined the default desktop), but they never charged. I could donate (maybe I have) but for some reason I'm just a lot less likely to do that. I've found that on Android I usually try an app's ad version, if I find myself using it after a week I buy it. If I don't use it I uninstall it. Getting Ubuntu to a similar setup seems reasonable to me.

Excuse me, but I don't see the need for RAGE over this.Using "apt-get remove" or using Synaptics is something any competent Ubuntu user should be able to. Just like how any competent Windows user can use Add/Remove Programs.

"People who don't know terminal-fu and/or don't obsessively track technical news to be aware of the full implications of this situation shouldn't be using Linux anyway!"

We buy regularly from/through Amazon. If I got Ubuntu, I would be happy with an Amazon button that gave Canonical an affiliate slice. Great idea. They could even hack the browser to change amazon.com to their affiliate version.

I guarantee that if they hacked your browser to redirect amazon.com to their affiliate link Amazon wouldn't honor the affiliate payments. Amazon has to get something for those payments.

I would imagine an Amazon "app" that just opens firefox with their affiliate link would make Amazon happy though.

I don't really like this, and I'm glad it's easy to remove, but truth be told, unless Gabe makes games on Ubuntu feasible, I won't be affected. I think it should be a separate option only: search Amazon from your desktop, not at the same time as a local search. I really don't want "Monthly Budget.ods" or "Contacts.csv" to get searched for on Amazon (those are probably poor examples but you get the idea).

For me this brings up a question about selling my data in general.

I don't recall ever having seen a plain-English explanation in a TOU/TOS that says "We will make money off of YOUR information," from Facebook or any others.

Here in the litigious states of America, what are the chances of successfully suing, on any grounds, for that? I don't recall selling or otherwise releasing "my" information.

I don't think they are required to put it in plain terms. Instead they say things like, "we share information with our partners." What is a partner? It's another company with which they have an arrangement via which resources are shared. For example, they give the partner your information, their partner gives them money. Obfuscation is not usually illegal.

We buy regularly from/through Amazon. If I got Ubuntu, I would be happy with an Amazon button that gave Canonical an affiliate slice. Great idea. They could even hack the browser to change amazon.com to their affiliate version.

I guarantee that if they hacked your browser to redirect amazon.com to their affiliate link Amazon wouldn't honor the affiliate payments. Amazon has to get something for those payments.

I would imagine an Amazon "app" that just opens firefox with their affiliate link would make Amazon happy though.

This wouldn't really convenience users at all though, provides less return for Amazon (I'd venture a guess that more people would remove the shortcut than uninstall the shopping lens), and most would likely forget to use such a shortcut in instances where they do buy goods anyways.

To people who didn't read the article: There is no 'hack' needed to remove it. You can uninstall it like any normal package or depending on installation method choose not to install it.

More importantly, as Shuttleworth explained it on his blog, this is not like affiliate links, but instead Amazon pays a flat fee for the integration, and no information is transmitted as their is with affiliate links. At least that is how I understood him.

As far as I can tell, there seems nothing wrong with what Canonical is doing. However, in a 24 hr, click baiting media environment, they should have predicted they would get unfairly roasted for this, and have their brand damaged by it.

Mitt: "Ann! Do you know where I saved that file with our secret Swiss Bank accounts?"

Ann: "Oh honey. I don't know. Just search for it in that convenient little search bar they just added with the latest update."

Mitt: "You want me to Google it!?"

Ann: "Don't be silly! It's just a search of our local drive. How could anyone know what we search for in our our own drive? You've been hanging out with those conspiracy theorists again -- haven't you?"

In this context, the only context that makes any sense for this subject, "hacking" does not cover using a piece of software in a way its developer(s) intended to do something completely ordinary.

Quote:

Nonsense, my computer-illiterate grandmother hacks her Windows computer on a daily basis when she instinctively clicks the "Yes" button to UAC prompts for semi-automatic software updates and such! She's a hacker I tell you!

This wouldn't really convenience users at all though, provides less return for Amazon (I'd venture a guess that more people would remove the shortcut than uninstall the shopping lens), and most would likely forget to use such a shortcut in instances where they do buy goods anyways.

Shuttleworth made it clear from the get go that Ubuntu would be free to install/use as a commodity, but that in doing so his goal was the monetize the community that built-up around it. It started with Ubuntu's support / help contracts. Ubuntu's pay-for certification programs. Canonical's pay-for programming efforts. etc, etc, etc. We've moved on to app stores built-in, now shopping search engines built-in. I think this is sort of fabricated outrage. You can easily uninstall the feature. You can easily manipulate most aspects of Ubuntu. There's nothing wrong with a guy trying to profit and keep his OS alive while still providing it free of charge. If there was no way around this, and they were shuffling all of your personal info off to Amazon to send you targetted ads...ok, sure, throw a fit. But all they're doing is forwarding a search query term you're typing into Dash towards Amazon, and Amazon sends you back results that may hit what you're looking for. It's the same as using Google to search for something, and a targetted ad shows up based on your search. It's not scraping your computer for specific info or things behind your back.

edit:

What would really be awkward is if you ran the hard drive diagnostic app, and suddenly an Amazon pop-up shows "hey, I noticed your hard drive sucks, can we interest you in ... " THAT would be creepy.

Well - if I go in and change "root" and lock it down and he still has a back door into my system - we have a big problem.

Otherwise - There is a reason I choose a Mac or PC over - "browser"-based OS (Chrome OS - FF OS) or Ad-supported OSes (like UNbuntu now apparently).

I'll be happy to pay a fee to not have to worry about it. (Apple and M$ demons aside)

IF the Ubuntu dev group wants to make an ad-supported OS then they need to step up and make an anouncement about it - not sneak this crap in thru baby-steps.

Even ion FF I have the option of using their ad-revenue search box or not. I can readily search my bnookmarks and history without fear that FF will push out the to web in some fashion until I choose to.

And personally - if I am searching my harddrive vs searching for something on the Internet - there is a clear distinction between the 2.

Why the hell - would I need Internet shopping results for a search for a local PDF file I created last week - that never went online anywhere ?

The "we have root" comment is really troubling, and should have never happened in the first place. It bespeaks a really troubling set of assumptions on Canonical's part.

To my mind it's like if the company I hired to install the locks on my house showed up the next day, let themselves in, started photographing all my stuff, and then sent the photos off to a marketing company.

I'd ask them "Hey, what the hell are you doing?", to which the reply is "You trusted us to install the locks and secure your house and your stuff. That means that you trust us with your stuff."

It does not. And I do *not* trust Canonical with my data, even though I trust them to secure my data. Those are two very different things.

Cross-posting seems not to run afoul of posting guidelines, so please allow me to repeat a comment I made on Mark Shuttleworth's blog. This is not so much about the main point as to the "we have root", so please disregard if you think I am out of line.

I have to thank ArsTechnica for raising the issue.

"Mark, you wrote: “If you use Ubuntu, you are trusting the Ubuntu and Debian (and large swathes of the open source community at large) not to make mistakes, or to address them quickly if they do.” But this is absolutely untrue. I trust them to make the best effort that can be done in the open-source ecosystem. I trust that if I find bugs and and if I document them developers will listen to me and together we’ll come to a solution. Together Mark, not waiting for the next patch as if I was using Microsoft or Oracle. The beauty of open-source and the GPL is that we are not consumers of software, we are part of a community. With your comments, you are throwing away twenty years of the Linux model.

As for the “we have root”, I am shocked. I have root, Mark, not you. I have control over my system, being in charge is the whole point of installing Linux instead of proprietary software. I have spent enough time and effort on Linux systems since 1995 not to read such a thing from a prominent member of the Linux community. I am very sincerely and deeply upset by what your comments show, even more than by this Amazon business. I have used Ubuntu for quite some time now because of convenience, but this will be finished by the time I download another iso. Even if it takes me weeks to set up a Linux From Scratch system it will be more than worth it."

Well - if I go in and change "root" and lock it down and he still has a back door into my system - we have a big problem.

Your "big problem" is caused by you typing "apt-get update" then "apt-get upgrade" or running the "update-manager" process which does the same thing for you in the background.

It's not a question of there being a secret "marks" account on every Ubuntu machine which he can log into whenever he pleases, it's a matter of every Ubuntu admin trusting Canonical by downloading and installing signed software packages from them.

So every time you search your computer what you are searching for goes to Ubuntu's servers? That seems like a terrible invasion of privacy.The fact that I trust them to deliver stable software doesn't mean that I would give Shuttleworth a live stream to everything I do on my computer.Goodbye Ubuntu.

Or you could just remove the package.

"We have root" was addressing "What if you are lying to us about storing all our searches and selling the information?" If you think Canonical is lying about that, they could just as easily be doing it already without telling you. That is what he meant. Basically, if you don't trust us, you should not use the product already. Which is true.

Since most user of Ubuntu are computer geeks, there will be hack soon to complete remove this search result.

I suspect the first thing for Ubuntu user after install the new OS is to remove this feature, Nothing to worry here.

RTFA Phantomman (or just click on Shuttleworth's blog post from the link). There's no need to hack anything to remove the Amazon search from 12.10. Just use a hotkey to limit your search to local targets (files, folders or apps) or uninstall it completely, or just stick with the 12.04 LTS release.

Well - if I go in and change "root" and lock it down and he still has a back door into my system - we have a big problem.

Your "big problem" is caused by you typing "apt-get update" then "apt-get upgrade" or running the "update-manager" process which does the same thing for you in the background.

It's not a question of there being a secret "marks" account on every Ubuntu machine which he can log into whenever he pleases, it's a matter of every Ubuntu admin trusting Canonical by downloading and installing signed software packages from them.

Exactly. That's exactly what Shuttleworth's comment was about, although it sounded a bit crass the way he said it. Hell, Balmer could have said the same thing about Windows. The Updater has root access. It has to in order to install updates, new software, etc. By that extension, it's safe to say that people using the OS (any of them ... Apple's, MS', Canonical's) are giving some amount of trust to them by letting the updaters run w/root privs to install things. So, his comment was spot on. People that are outraged over this...Canonical has had root access to your computer for a long time. The way they've USED it has always been transparent. They have a polling app that you can opt in and out of that helps them learn what apps people like to use. Windows is the same way, asking if you want to opt-in to their Customer Experience program. All they're doing with Dash is adding in a "Google Search"-like function. Unfortunately, the way they're doing it makes little sense. As another commenter said, if I'm searching my hdd for a pdf about... let's say "goats", why would I want to see Amazon results for "goat pens", "goat mouse pads" or other shite? THAT's where I think folks should be scratching their heads. But, it's not like it's scraping your computer for personal info behind your back to help Amazon send you targeted ads. It's just taking what you type into Dash, anon-sending to Amazon, and they send you some search results for products (at least, that's who I'm reading it). I think that would be a good idea for the Ubuntu app store, but NOT for Dash.

Since most user of Ubuntu are computer geeks, there will be hack soon to complete remove this search result.

I suspect the first thing for Ubuntu user after install the new OS is to remove this feature, Nothing to worry here.

Heck, it's not even a hack. Ahh, I see that's been well covered.

Code:

sudo apt-get remove unity-lens-shopping --purge

My initial knee-jerk was to be upset about this, but after reading more about what it will (and won't) do, I just can't get myself worked up about it.

1) Easy to remove

2) Seemingly anonymized (though I'd like more details on that -- probably not 100% anonymized from everyone in the chain, but anonymized enough for me)

3) I use the heck out of Amazon. Unless I read about some actual factual detail of the functionality which bothers me, I can't see why I'd remove it.

robrob wrote:

Wow, funding an OS off advertising. How quaint and 90's.

This doesn't seem like what they are doing to me. They are showing you Amazon products that match your searches. This is different than random or even targeted ads, IMO, but I can also see how someone could argue that this is akin to very specifically targeted ads, I suppose.

I can understand the desire to make it opt-out on their part, though I suppose it really should be opt-in. But aside from that, and that there should be a checkbox someplace rather than the command above to get rid of the Amazon results, I don't see what the big deal is.

Edit: I should add that Ubuntu has so far been funded mostly by Mark Shuttleworth opening his wallet. While the prior controversy regarding the music store affiliate code did bother me a bit, I otherwise wish nothing but success to any reasonable attempt by Shuttleworth to get money out of Ubuntu -- I like Ubuntu, and I want it to be profitable, to be sure it stays around. He's not trying to charge users for it, and he's not actually (IMO) placing ads on the desktop, so more power to him.

Edit: It seems it doesn't use https for sending the searches to Canonical. That part does bother me. Not sure if it will bother me enough to remove it or not, but the idea that every time I use the dash for anything it can be sniffed from my network connection is a bit bothersome. Let's see if they change that by release time.

90 percent of all the ads that you see everyday are by Google. What's more interesting is that if you have gmail and you're logged in (and who isn't) Google follows you everywhere you go on the net. Your Android phone sends all the time reports to Google about everything you do. And nobody gives a damn about it. They even think that it's cool that they see ads they like.

But when Canonical announces something that's not even on the same level as the things done by Google everybody starts panicking. Let's get real people. Canonical needs money to continue developing and supporting Ubuntu. If we want Ubuntu to be Linux distro for humans, we can not rely on enterprise customers of Canonical to pay our bills. If we do that in the best case we'll end up with Fedora or OpenSUSE. In the worst case we'll end up with nothing (remember Mandriva).

However, I do agree that the shopping lens still need some polishing. And some points should be cleared out. But in no case we should put the tin foil hat on and start running in circles.

Sad trend, indeed - Ubuntu is gradually getting more inconvenient to use. Instead of having to discover/police/remove more and more unwelcome "features" and restrictions (e.g., guest account, tablet UI, zeitgeist activity logging, and now this one) after each release, I would rather spend time adding functionality if and when I need it. I actually would not mind paying nominal ~$5-10/year but if the crap-creep continues, time will come to look for alternatives.

Just registered to say this: think about Microsoft sending what you type in the search bar to someone, even themselves. Or Apple. Can you imagine the outrage? If Ubuntu aims to replace any of those, it has to be measured with the same stick.

Exactly.

I'm not so familiar with Microsoft, but Apple specifically asks you before sending anything to the cloud.

I just reported a map problem, where you select a position on the map, type an email explaining what's bad about it, hit send, and it says something like "this will send the position you selected to apple. are you sure you want to do this? click here to read how we protect your privacy". When you visit a website in Safari, it doesn't ask google if the website you are visiting is safe to download, it downloads *the entire list* of every unsafe website from google and then does a local search of the database.

Canonical should have jumped through as many hoops as possible to avoid sending anything to the cloud, and if it was impossible then they should be asking for your permission first.

Personally, I'm not bothered about what Canonical or Amazon will do with my personal information. I'm worried about what other unknown groups will do *when* the information leaks or is hacked or is subpoenaed. Not if it gets out, when it gets out. It will get out eventually.

Also, since when does Canonical care about generating income? I thought they were a non profit/charity organisation. Other projects are getting along just fine with donations, I don't see why they are any different. If Canonical has some specific feature that is too expensive without some kind of fund raising, just ask me for the frickin' money and I'll gladly hand some over.

Also, since when does Canonical care about generating income? I thought they were a non profit/charity organisation.

I think we generally disagree, and that's fine. But where in the world did you get this idea? The GPL does not prevent making money, and IIRC Mark/Canonical have *never* issued a statement that becoming profitable wasn't a goal.

I don't know why there is a big furore. I personally don't mind some shopping recommendations baked into the shopping lens, or even into the applications, games, music, video lens. Ubuntu needs to fund itself too. Don't mind Ubuntu getting some affiliate revenue from Amazon. Infact, I would like to see more online vendors search results to be bundled in too. Say Best Buy, Newegg, Costco, Tigerdirect etc. Vendor lock in would be a bad idea.